👋 Find high-impact vulnerabilities and exploit them faster with our latest updates! 🚀
💥 Network Scanner Enhancements
- Detect CVE-2023-48788
- Get individual findings for PostgreSQL, MongoDB, OracleDB, and Redis.
- Receive informational findings when a port redirects to another port, helping to streamline vulnerability checks.
-New "How to reproduce" section makes it easier to browse through details and replicate findings.
🧨 Custom Sniper Exploits
- RCE in Fortinet FortiSIEM (CVE-2024-23108)
- Info Disclosure in Check Point CloudGuard (CVE-2024-24919)
- RCE in Zeroshell (CVE-2020-29390)
🥊 Improved Password Auditor
- Screenshots generated when weak credentials are found using Basic Authorization.
- Informational findings provided for redirected ports to avoid unnecessary brute force attempts.
- Screenshots for scenarios like account lockout detection, CAPTCHA found and two-step authentication detected
- New checks added to minimize false positives when weak credentials are detected.
🧐 Website Vulnerability Scanner Updates
- Enhanced Server Side Template Injection detection with new payloads that work in code context
- JWT Detector now detects weak HMAC secrets and algorithm confusion issues
💪 DOCX Reports are now compatible with Google Docs! Collaborate more effectively with your team and speed up your review process
😎 Learn how the awesome @NahamSec uses Pentest-Tools.com to find bounty-worthy vulnerabilities.
👀 Watch his latest video to see how he navigates through hundreds of domains and subdomains to zero in on high-potential targets: • Hacking Large Corporat...
00:00 Intro
00:42 Better findings from the Network Scanner
01:39 Custom Sniper exploits for RCE
03:05 More efficient brute-forcing with the Password Auditor
03:57 Detect Weak HMAC Secrets and Algorithm Confusion
04:24 Google Docs compatibility for DOCX reports
04:51 NahamSec X Pentest-Tools.com for bug bounty hacking
05:16 Outro
#CyberSecurity #EthicalHacking #PentestTools #VulnerabilityScanning #NetworkSecurity #WebAppSecurity #BugBounty
____________
💡 See ALL OUR TOOLS: pentest-tools.com/alltools
@ us on Twitter: / pentesttoolscom
Join 46k+ offensive security specialists on LinkedIn: / pent. .
Become a member of our community of cybersecurity enthusiasts and professionals: / pentest_tool. .
#PenetrationTesting #Pentesting #EthicalHacking #PentestToolsCom
____________
WHAT IS Pentest-Tools.com?
Use the Pentest-Tools.com platform to quickly detect and report vulnerabilities in websites and network infrastructures!
✔ 20+ tightly integrated penetration testing and ethical hacking tools for easier, faster, and more effective engagements
✔ Built for security professionals in charge of penetration testing and vulnerability assessments (VAPT)
✔ Painless vulnerability management: add manual findings, change risk levels, delete obsolete targets, create and export customizable reports (complete with vulnerability information and remediation suggestions)
✔ Instant overview of all open ports, services, and running software from all your targets in a central, unified view (Attack Surface)
✔ Comprehensive scanning options: scheduled scans, robust API, internal network scanning through VPN agent, scan multiple targets at the same time
✔ Flexible subscription: choose monthly billing and you can cancel anytime. Alternatively, choose the yearly plan and get a 15% discount!
"Pentest-Tools is great for streamlining any security engagement" - Tavis D., Security Engineering Manager
"The Pentest-Tools platform, by far, was the best that I found. Not only for the quality of the built-in tools, but also for the high quality of the technical team behind the platform. Being supported by a quality team is crucial for the professional involved in Pentesting to be successful." - Vagner N., DevOps Specialist
“Pentest-Tools.com is the Swiss Army Knife of scanning tools”
Mark D., Apple Certified Support Professional
See how our customers use the platform:
www.g2.com/products/pentest-t...
Негізгі бет June 2024 updates on Pentest-Tools.com
No video
Пікірлер: 1